He also noted that all the A5(X) AES keys will be posted here shortly.
All A5(X) AES Keys will be posted on @icj_’s http://www.icj.me/ios/keys as soon as I clean this up a bit more :)
While the iBoot exploit is not as good as a bootrom exploit, iH8Sn0w notes that it is very powerful and will result in his A5(X) devices having an untethered jailbreak for life.
So looks like all my A5(X) devices are fully untethered and jailbroken for life now. :)
No. This isn’t a bootrom exploit. Still a very powerful iBoot exploit though (when exploited properly ;P /cc @winocm).
Update: It appears that this exploit may never go public, according to a tweet from winocm.
@iH8sn0w @livealex13 this one isn't ever going public. It's hell to use.
So why is this important? If kept private, this exploit can be used to help find other ones. We now have a 'secret weapon' that can be used to grab encryption keys and find new jailbreaks on newer firmwares and devices!
Comments (33)
Comments are closed for this article.
0
odedoo1 - February 9, 2014 at 10:52pm
It seems like you guys are not understanding the meaning of this exploit! With this exploit, which Apple cannot close because it's a hardware exploit and not software, we will be able to upgrade A5(X) devices to any iOS that Apple will come out with and find software exploits for jailbreaking all devices.
0
mattlyon - April 1, 2014 at 7:38pm
Just like the iPhone 4....
0
odedoo1 - February 9, 2014 at 10:45pm
If I'm not mistaken, he jailbroke his iPhone 5 iOS 6 24 hours after the release, but he never shared that jailbreak with anybody and teased everybody about it for 6 months that he is the only person walking around with an iOS 6 jailbroken iDevice, till the evasion team managed to create their own jailbreak for iOS 6. Just covering my a*ss, I'm not absolutely sure if it's him or another hacker which I'd rather not say his name, but the story is true.
0
jasons - February 3, 2014 at 8:23pm
or he meant unlock the activation lock
0
Pr0toc0L - February 3, 2014 at 7:28pm
Some people seem incapable of deciphering what is what. An unlock simply means "to unlock the phone from a particular CELLULAR provider and open it to any cellular provider". That is a world of difference from a jailbreak exploit that deals with the entire OS of the device. Just because an iPhone is jailbroken DOES NOT mean it is unlocked. The two are entirely different.
0
Raniel - February 3, 2014 at 1:55pm
I'm only interested in unlocking my iPhone, not these jailbreak exploits.
0
Chris - February 3, 2014 at 5:33pm
Why don't you just pay your carrier the 35 dollars or whatever the fee is to officially unlock it? Or does your carrier not support that?
0
odedoo1 - February 9, 2014 at 11:04pm
Just buy an Apple unlock, do a search for IMEI unlocking. It used to be really cheap, but since it became against the law in the U.S., the prices went up in Europe, but it's still worth it because you'll never ever need to worry about unlocking that device again, and if it's locked by AT$T then it's really cheap. "IMEI unlock is Apple factory unlocking so it's forever". And it's all done over the net.
0
gamerscul9870 - February 10, 2014 at 12:00am
At$t lol
0
mocha - February 3, 2014 at 5:14am
Why do we bother to exploit the 1st world war's device, as we are in the middle of the 3rd world war?
0
UltimateXtreme - March 3, 2014 at 8:23am
Because a load of people are still using WW1 devices, which includes me. If I remember correctly, there are more iPad 2s than any other, and that its sales success made it into the GBoWRs (during WW1). And A5 devices are still certified to handle everything the next gens are, maybe not so well, but can handle it still.
0
XBMC FTW - February 2, 2014 at 3:01pm
Apple TV 3 - FINALLY !!!!! XBMC has a new home !!!
0
forty0z - February 3, 2014 at 6:14am
There are better devices to use XBMC on that are cheaper. Like the Ouya and other Android devices.
0
Chris - February 3, 2014 at 5:34pm
Actually, the AT3 isn't jailbreakable because of this iBoot exploit. The device needs to be jailbroken first to be able to utilize this (from what I've heard).
0
Egon - February 4, 2014 at 2:22pm
there are 2 types of atv3
0
Saul - February 2, 2014 at 6:40am
I wonder, is this going to be a tethered or untethered jailbreak?
0
Um.... - February 2, 2014 at 12:58pm
Why don't you try reading that again (maybe slower) & you'll answer your own question.
0
jasons - February 2, 2014 at 5:29am
But how many of them are getting iOS 8?
0
gamerscul9870 - February 2, 2014 at 5:31am
Me unless this idea of iOS 6 being unincluded is not being accepted.
0
Pr0toc0L - February 2, 2014 at 4:20am
What I've learned is there are no absolutes. There is no such thing as "unexploitable". So for hackers and developers, the claim of a "permanent" jailbreak is merely an understanding rather than a set-in-stone concept. It's not that Apple can't eliminate such an exploit, it's that they would have to change the structure of the boot process, which is something that is generally a constant with little variable.
0
RogerWilco - February 2, 2014 at 3:08am
I guess I don't see the importance of this when these devices will plateau soon in terms of OS upgradability. If I can't upgrade beyond iOS 7.0.4 and it's already jailbroken, I'm essentially already jailbroken for life, right? Does Apple go back and patch old versions of iOS? No, right? And the average iPhone user will upgrade their device in 3-4 years, if not sooner, so you'll be back to square one then anyway...Still, short term benefits are good, I suppose.
0
The Devils >> Devil....!! - February 2, 2014 at 12:39am
So what you're saying is Apple has no way to access this hardcoded key, even though they designed and know everything there is to know? If I designed something, anything, I'm sure I would know how to flush out what I don't want there! Until I fully know how it works, I doubt everything I read or hear, unless it's proven! Plus tomorrow is another day, who knows what comes next. These guys are at the top, and do what they like when they like!
0
n350z - February 1, 2014 at 11:40pm
Read this in a book I have and thought it might help explain in more detail.
"Vulnerabilities inside iBoot are nearly as powerful as vulnerabilities inside the bootrom when it comes to features they can provide. These vulnerabilities have the downside that iBoot is not baked into the hardware and therefore they can be fixed by a simple software upgrade.
Aside from this, iBoot is still early enough in the bootchain that boot arguments can be given to the kernel, the kernel can be patched, or the hardware can be used directly to perform GID key AES operations"
0
iuser - February 1, 2014 at 11:37pm
Hooray!!! Hope it works for my Apple TV 3!
1
Pr0toc0L - February 1, 2014 at 10:38pm
It's possible if it goes into the kernel (which it more than likely does) and is inserted into the actual boot process itself. Any bootable code can be entered into the boot process; this is how Apple or any OS is able to load an OS in the first place.
0
George - February 1, 2014 at 8:54pm
Does this also allow downgrading?
0
Collin - February 2, 2014 at 1:08am
OMG i really Hope SOOOO!!!
0
n350z - February 1, 2014 at 8:45pm
He's also said he "will start working on A6 later" so who knows maybe A5 A6 A7 iboot coming ;)
0
gamerscul9870 - February 1, 2014 at 9:08pm
Unless apple doesn't include any iOS 6 anything added to iOS 7 jb, then this guy will have to add that to the jb list.
1
Me - February 1, 2014 at 8:41pm
Apple TV 3?? Hope so!
0
The Devils >> Devil....!! - February 1, 2014 at 8:57pm
I'm not sure how this all works. Surely Apple could patch it once it heard? A jailbreak 4 life to me is only possible with no software updates on the device? I don't see how a jailbroken device could exist with software updates for life when no 1 knows which way Apple decides to go? I might be wrong! But I guess no-one really knows?
0
Chris - February 1, 2014 at 9:04pm
If it's for life it means a software update cannot patch it. It's hard coded into the physical unit itself.
0
n350z - February 1, 2014 at 9:09pm
Having the AES keys allows the booting of unsigned code, meaning it's possible to inject unsigned code.